We have the following:
a) Wireless Network WIFI-A with
WPA2 Personal,
a preshared key,
client traffic in separate zone,
AES,
no client isolation,
SSID visible,
U-APSD enabled,
Fast transition disabled,
no MAC filter
b) Wireless Network WIFI-B with
WPA2 Enterprise (with authentication from a Linux FreeRADIUS server),
client traffic in separate zone,
AES,
client isolation enabled,
SSID visible,
U-APSD enabled,
Fast transition disabled,
no MAC filter
As further relevant configuration there is:
Interface INT-A of type Ethernet, hardware wlan4, IP 172.16.10.1/24 (=NET-A), MTU 1500, metric 20
Interface INT-B of type Ethernet, hardware wlan4, IP 172.16.11.1/24 (=NET-A), MTU 1500, metric 20
Network services: Allow DNS from NET-A and from NET-B
Network services: DHCP with range, DNS server, and default gateway suitable for NET-A and similarly for NET-B
Network protection: Allow Any from NET-A or NET-B to Internet IPv4/IPv6
--
When we connect an iPhone to WIFI-A, it can surf the internet fine. However, anything requiring the Apple ID, in particular an initial configuration of a new iPhone, does *not* work.
When we connect the same iPhone to WIFI-B, the problem does not occur.
As far as I can tell, the only differences are about client isolation - which should not make a difference for communication from iPhone to Apple; and WPA2 Personal instead of WPA2 Enterprise - which I cannot imagine making a difference.
What is wrong here?